CVE-2025-66409

Summary

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, when AVRCP is enabled on ESP32, receiving a malformed VENDOR DEPENDENT command from a peer device can cause the Bluetooth stack to access memory before validating the command buffer length. This may lead to an out-of-bounds read, potentially exposing unintended memory content or causing unexpected behavior.

Affected Software

VendorProductVersion RangeStatus
espressifesp-idf>= 5.5-beta1, <= 5.5.1affected
espressifesp-idf>= 5.4-beta1, <= 5.4.3affected
espressifesp-idf>= 5.3-beta1, <= 5.3.4affected
espressifesp-idf>= 5.2-beta1, <= 5.2.6affected
espressifesp-idf<= 5.1.6affected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References